CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Public Exploit Released: Critical Trend Micro Flaw Grants SYSTEM Access
Trend Micro has issued a critical security alert for users of Apex Central (on-premise), patching a dangerous remote code execution (RCE) vulnerability that could allow attackers to hijack systems wit ...
-
Daily CyberSecurity
Bluetooth Broken? Apache NimBLE Flaws Enable Spoofing & Eavesdropping
The Apache Software Foundation has issued urgent patches for Apache NimBLE, the open-source Bluetooth 5.4 stack used to replace proprietary drivers on Nordic chipsets. A cluster of four security vulne ...
-
Daily CyberSecurity
Guloader Malware Rides Wave of Fake Performance Reports
Cybercriminals are weaponizing workplace anxiety in a new sophisticated phishing campaign. The AhnLab Security Intelligence Center (ASEC) has issued a warning regarding a malicious operation that leve ...
-
Daily CyberSecurity
The 9.6 Crack in Java’s Foundation: Critical Undertow Flaw CVE-2025-12543
A foundational crack has been discovered in the bedrock of the Java web ecosystem. Undertow, the high-performance web server that powers enterprise heavyweights like WildFly and JBoss EAP, has been hi ...
-
Daily CyberSecurity
Wide Open Firewall: Critical Foomuuri Flaws Let Local Users Take Control
The SUSE Security Team has released a detailed report exposing multiple vulnerabilities in Foomuuri, a popular nftables-based firewall manager for Linux, that left the firewall’s management interface ...
-
BleepingComputer
VMware ESXi zero-days likely exploited a year before disclosure
Chinese-speaking threat actors used a compromised SonicWall VPN appliance to deliver a VMware ESXi exploit toolkit that seems to have been developed more than a year before the targeted vulnerabilitie ...
-
seclists.org
KL-001-2026-01: yintibao Fun Print Mobile Unauthorized Access via Context Hijacking
Full Disclosure mailing list archives From: KoreLogic Disclosures via Fulldisclosure <fulldisclosure () seclists org> Date: Thu, 8 Jan 2026 15:03:37 -0600 KL-001-2026-01: yintibao Fun Print Mobile Una ...
-
hackread.com
n8n Users Urged to Patch CVSS 10.0 Full System Takeover Vulnerability
If your company uses n8n to handle daily tasks, it is time to check your version number. A major security flaw has been found in the platform, and it’s about as serious as it gets. The firm Upwind rec ...
-
The Register
Patch Cisco ISE bug now before attackers abuse proof-of-concept exploit
Cisco patched a bug in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) products that allows remote attackers with admin-level privileges to access sensitive information ...
-
The Cyber Express
CISA Warns of Attacks on PowerPoint and HPE Vulnerabilities
A 16-year-old Microsoft PowerPoint flaw and a new maximum-severity HPE vulnerability are the latest additions to CISA’s Known Exploited Vulnerabilities (KEV) catalog. CVE-2025-37164 is a 10.0-rated Co ...